git.kernel.dk Git - linux-2.6-block.git/commit

author	Alexei Starovoitov <ast@plumgrid.com>
	Fri, 26 Sep 2014 07:17:00 +0000 (00:17 -0700)
committer	David S. Miller <davem@davemloft.net>
	Fri, 26 Sep 2014 19:05:14 +0000 (15:05 -0400)
commit	09756af46893c18839062976c3252e93a1beeba7
tree	203642a5473496ecb6ff10cd22dba39b22ed5f0a	tree \| snapshot
parent	db20fd2b01087bdfbe30bce314a198eefedcc42e	commit \| diff

bpf: expand BPF syscall with program load/unload

eBPF programs are similar to kernel modules. They are loaded by the user
process and automatically unloaded when process exits. Each eBPF program is
a safe run-to-completion set of instructions. eBPF verifier statically
determines that the program terminates and is safe to execute.

The following syscall wrapper can be used to load the program:
int bpf_prog_load(enum bpf_prog_type prog_type,
                  const struct bpf_insn *insns, int insn_cnt,
                  const char *license)
{
    union bpf_attr attr = {
        .prog_type = prog_type,
        .insns = ptr_to_u64(insns),
        .insn_cnt = insn_cnt,
        .license = ptr_to_u64(license),
    };

    return bpf(BPF_PROG_LOAD, &attr, sizeof(attr));
}
where 'insns' is an array of eBPF instructions and 'license' is a string
that must be GPL compatible to call helper functions marked gpl_only

Upon succesful load the syscall returns prog_fd.
Use close(prog_fd) to unload the program.

User space tests and examples follow in the later patches

Signed-off-by: Alexei Starovoitov <ast@plumgrid.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/linux/bpf.h		diff \| blob \| blame \| history
include/linux/filter.h		diff \| blob \| blame \| history
include/uapi/linux/bpf.h		diff \| blob \| blame \| history
kernel/bpf/core.c		diff \| blob \| blame \| history
kernel/bpf/syscall.c		diff \| blob \| blame \| history